package com.lf.sp.controller.backend;

import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.lf.sp.common.Const;
import com.lf.sp.common.ServerResponse;
import com.lf.sp.pojo.User;
import com.lf.sp.service.IUserService;

@Controller
@RequestMapping("/manage/user/")
public class UserManageController {

	@Autowired
	private IUserService iUserService;
	/**
	 * 管理员登陆
	 * @param username
	 * @param password
	 * @param session
	 * @return
	 */
	@RequestMapping(value="login.do",method=RequestMethod.POST)
	@ResponseBody
	public ServerResponse<User> login(String username,String password,HttpSession session){
		ServerResponse<User> response = iUserService.login(username, password);
		if(response.isSuccess()){
			User user = response.getData();
			if(user.getRole() == Const.Role.ROLE_ADMIN){
				//说明是管理员
				session.setAttribute(Const.CURRENT_USER, user);
				return response;
			}else{
				return ServerResponse.createByErrorMessage("不是管理员，无法登陆");
			}
		}
		return response;
	}
}
